D.O.M TEAM

4 exploits Active since Apr 2007
CVE-2008-0839 EXPLOITDB text WORKING POC
astatsPRO 1.0 - SQL Injection via refer.php id Parameter
SQL injection vulnerability in refer.php in the astatsPRO (com_astatspro) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-1843 EXPLOITDB text WORKING POC
MapLab 2.2.1 - Remote Code Execution via gmapfactory/params.php gszAppPath Parameter
PHP remote file inclusion vulnerability in gmapfactory/params.php in MapLab 2.2.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the gszAppPath parameter.
CVE-2008-0918 EXPLOITDB text WORKING POC
astatsPRO 1.0.1 - SQL Injection via id Parameter
SQL injection vulnerability in includes/count_dl_or_link.inc.php in the astatsPRO (com_astatspro) 1.0.1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to getfile.php, a different vector than CVE-2008-0839. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-5123 EXPLOITDB text WORKING POC
Novus 1.0 - SQL Injection via nota_id Parameter
SQL injection vulnerability in notas.asp in Novus 1.0 allows remote attackers to execute arbitrary SQL commands via the nota_id parameter.